I want to encrypt the session key using the public key. How does the PGP software do this? Can somebody specify the procedure or function of encryption in Python?
Asked
Active
Viewed 3,967 times
4
-
Are you sure you need public-key (asymmetric) encryption? Except for cases when you need to publicly share session key between several sites/applications, symmetric (like AES or Serpent) encryption should be better. – drdaeman Jul 10 '09 at 20:29
3 Answers
3
There's also the PyCrypto module that looks exactly like what you are looking for: http://www.dlitz.net/software/pycrypto/ the API docs are here: http://www.dlitz.net/software/pycrypto/apidoc/ and some nice docs with basic examples of encrypting/decrypting here: http://www.dlitz.net/software/pycrypto/doc/.
I'll confess I haven't used this module, but it seems like you would establish a session with a public key, then use that to encrypt/decrypt the channel with a Crypto.PublicKey object. Then do the usual activity of generating a session key, communicating that over whatever channel you have. Finally, switch the channel to a Crypto.Cipher object using the session key.
Also, be sure to be very, very careful about how you obtain the value for your session key if security is a real concern, particularly on multiuser or only partially trusted machine.
Mike Miller
- 179
- 2
- 10
1
See this post for background information about the basic technology. That post is about encryption in general - for information about using gpg from Python, see this, for example.
Community
- 1
- 1
Vinay Sajip
- 95,872
- 14
- 179
- 191
0
See What is the best/easiest to use encryption library in python, which mentions a PGP-compatible solution, gpgme.
For reasons I ignore, nobody in How to do PGP in Python (generate keys, encrypt/decrypt) mentioned gpgme...
Community
- 1
- 1
bortzmeyer
- 34,164
- 12
- 67
- 91